Menu

Month: January 2019

In a cloud environment, the effective way to organize and manage your infrastructure is by tagging your resources. Example, if your client has multiple silos like marketing, sales etc., and your cost model is different to each silo, tagging the resources provides an effective way to measure and manage the cost for your client.

You may need to install a software (exe, MSI etc..) on your Azure virtual machines as per the on-boarding process. The traditional way of doing this is to RDP to your virtual machine and then install the software.

Azure and PowerShell make this task simple by introducing “Custom Script Extension (CSE)” for Azure Virtual machines. Using CSE you can install the executables without login into the servers. The process also reduces human effort by a lot, hence increasing the ROI for your team.

As an example, let us see how to deploy a BigFix client into an Azure Windows Virtual Machine:

The process requires two scripts:

Script 1: installAgent.ps1

This script does the silent installation of the agents. This script must be uploaded into Azure Storage Account along with the exe/MSI.

Script 2: triggerCSE.ps1

This script installs the CSE on the Windows Azure virtual machine. Checks if the Virtual Machine is STOPPED. If it is stopped, it will start the virtual machine, install the CSE, and then it will stop the virtual machine.

Steps to be followed

Upload all the necessary files (BigFix installation files) into Azure Storage account and provide Anonymous access to the container.

Upload the installAgent.ps1 PowerShell script into Azure Storage account and provide Anonymous access to the container.

Execute the triggerCSE.ps1 from your laptop or you can completely automate the solution using Azure Automation Account.

As an enhancement, you can add additional checks, create a log file and have it uploaded to another Storage Account. Or, create an Azure Storage Table, and write the updates to it tracking how many virtual machines the CSE is installed.

Just like any other computer, virtual machines in Azure use disks as a place to store an operating system, applications, and data. All Azure virtual machines have at least two disks – a Windows operating system disk and a temporary disk. The operating system disk is created from an image, and both the operating system disk and the image are virtual hard disks (VHDs) stored in an Azure storage account. Virtual machines also can have one or more data disks, that are also stored as VHDs.

Consider a case where you have configured an Azure virtual machine that hosts applications and you have saved an application data in multiple data disks. Now you want to create multiple virtual machines or copy all those data disks to other virtual machines.

You can now perform a copy Data Disk operation from one Azure virtual machine to another Azure virtual machine by using a PowerShell script.

Authenticate to Azure subscription using PowerShell

The first task before working with any Azure services using PowerShell is to authenticate to your Azure subscription. Below is the cmdlet that allows you to authenticate to your subscription. It prompts you to enter your login credentials. If you have enabled MFA (Multi-Factor Authentication), you will have to provide the necessary details to complete the authentication process.

Login-AzureRmAccount

The above cmdlet requires user intervention to provide credentials, now we cannot have user intervention while authenticating programmatically. The below script will help us authenticate programmatically.

If your email ID is registered with multiple subscriptions, you will log in to a default subscription. The below cmdlet will list all the subscriptions that your email Id is registered with:

Get-AzureRmSubscription

Any Azure PowerShell cmdlets you run henceforth will query the default subscription. That is, retrieve the details about the resources from that subscription. Use the below cmdlet to change the subscription:

Pass the “ID” that you get from Get-AzureRmSubscription cmdlet as a value to the “-Subscription” parameter.

Authenticate to Azure subscription via Azure Automation Runbook

Azure offers more than one way of automating your infrastructure. One such service is Azure Automation Account. Your runbooks will need to authenticate to your Azure environment before it can act on your Azure resources.

To achieve this, you will need a “RunAs” connection to your Azure Automation Account. Below link will help you create one using Azure Portal.